Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/97e3da194cdb10f4e970d6372e969dfeb03e2b7c.roa
File:                     97e3da194cdb10f4e970d6372e969dfeb03e2b7c.roa (raw, json)
Hash identifier:          SFdqiMSo4JHqkclXPhEtEl4Kjas+81qxfBg0zm7F4y8=
Subject key identifier:   63:7B:4F:88:09:F3:DA:FA:7F:AD:A2:9F:EB:E3:C4:32:3A:D9:10:BB
Certificate issuer:       /CN=9027bea49a2d292834550bf575448d0b5b71311a
Certificate serial:       124DAE
Authority key identifier: 43:2C:4B:7D:96:B7:48:C4:89:B4:5C:BD:8E:F0:06:64:57:C0:7C:66
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/97e3da194cdb10f4e970d6372e969dfeb03e2b7c.roa
Signing time:             Wed 06 Oct 2021 13:22:49 +0000
ROA not before:           Wed 24 Mar 2021 03:00:00 +0000
ROA not after:            Tue 24 Mar 2026 03:00:00 +0000
asID:                     52268
IP address blocks:        138.59.168.0/22 maxlen: 24
                          170.233.176.0/22 maxlen: 24

Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.crl
                          rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.mft
                          rsync://repository.lacnic.net/rpki/lacnic/ff14e9055d5afaa37fbe20f4a26bd13c8f18d79a.cer
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.crl
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Sun 31 Mar 2024 03:49:52 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1199534 (0x124dae)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9027bea49a2d292834550bf575448d0b5b71311a
        Validity
            Not Before: Mar 24 03:00:00 2021 GMT
            Not After : Mar 24 03:00:00 2026 GMT
        Subject: CN=97e3da194cdb10f4e970d6372e969dfeb03e2b7c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e3:fc:1c:37:34:b1:13:da:1d:71:1d:f2:b0:64:
                    2c:cf:6d:ce:ee:5b:8d:f8:da:f7:24:77:65:84:f7:
                    71:e6:f7:aa:bc:35:d8:dc:ba:13:3f:65:73:33:ea:
                    8c:c4:99:72:d3:85:56:38:e5:09:1a:c5:a0:63:84:
                    8d:26:19:09:f2:00:a6:3b:49:ed:02:e3:85:64:d1:
                    71:d7:17:74:1d:e0:5a:3b:a7:a1:6c:66:da:39:cf:
                    8d:eb:7b:1b:00:34:5b:4c:68:82:22:41:49:d8:13:
                    99:7b:7c:26:5b:af:f3:e2:5a:cb:ac:ab:5e:96:b8:
                    a1:7c:c3:32:c8:f8:2a:6d:07:c1:2d:d5:93:3c:bc:
                    65:7b:75:6d:77:38:12:c5:66:54:2d:00:b2:3c:55:
                    bf:98:e9:19:7e:58:5f:28:d8:35:76:95:42:71:85:
                    ad:2a:fa:0c:35:d4:c5:e1:a5:e1:72:ba:82:b7:36:
                    5a:63:f0:32:3c:34:e5:88:b6:7c:c2:42:7a:59:a9:
                    6c:7b:fc:45:f2:2c:c6:68:8d:d7:86:9d:16:d0:da:
                    23:d3:7b:79:35:68:09:8d:c2:8d:61:a7:22:95:0c:
                    e9:c5:77:9e:79:5e:a3:17:bc:10:47:74:71:09:b7:
                    ff:d6:c2:fa:76:bd:28:aa:13:a2:a9:cd:c4:f1:fb:
                    b5:3d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                63:7B:4F:88:09:F3:DA:FA:7F:AD:A2:9F:EB:E3:C4:32:3A:D9:10:BB
            X509v3 Authority Key Identifier:
                keyid:43:2C:4B:7D:96:B7:48:C4:89:B4:5C:BD:8E:F0:06:64:57:C0:7C:66

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/48f083bb-f603-4893-9990-0284c04ceb85/9027bea49a2d292834550bf575448d0b5b71311a.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/97e3da194cdb10f4e970d6372e969dfeb03e2b7c.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/f36529a5-efd7-4819-ac80-9b105ddf3b32/9027bea49a2d292834550bf575448d0b5b71311a.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  138.59.168.0/22
                  170.233.176.0/22

    Signature Algorithm: sha256WithRSAEncryption
         33:49:b1:2b:31:eb:58:0f:02:97:56:7b:6c:3b:90:8e:71:34:
         b2:d7:47:f6:7b:a9:59:11:27:69:44:53:e7:bd:61:f0:a4:e8:
         11:7a:af:93:df:a9:d6:40:79:7c:6e:14:2f:c2:db:89:37:78:
         db:5e:98:43:2d:9a:4c:04:e8:cd:a5:10:32:18:9f:37:21:5c:
         c8:66:38:d3:4a:dd:93:f5:05:17:58:38:3a:bb:aa:ee:9a:15:
         94:74:1c:ec:03:f5:16:24:a1:71:cb:e0:0e:fd:46:99:9d:11:
         08:66:e6:88:61:c3:0f:3e:e0:14:e1:54:54:0a:5b:58:7f:b5:
         6d:34:fe:ed:4a:08:35:ea:1d:3e:79:6b:d0:c9:f5:2f:38:d9:
         f1:81:64:d9:f1:3c:20:0d:90:53:d0:ea:31:cc:a9:f6:b0:e4:
         f2:86:58:a5:30:16:22:b7:91:a1:77:c4:c0:0d:49:82:e1:60:
         2e:99:2e:7f:5e:8d:50:ec:22:e9:09:54:5b:cc:7a:29:78:7e:
         89:1b:c1:61:10:fd:3c:36:9c:04:03:e6:28:f4:92:e0:90:b3:
         12:ed:cb:a5:1c:3a:e3:d8:11:87:3a:f7:83:93:21:59:54:80:
         23:f1:86:20:59:c3:30:16:dd:d8:8e:87:99:7e:cf:81:40:88:
         3d:14:be:f6
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIDEk2uMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDkw
MjdiZWE0OWEyZDI5MjgzNDU1MGJmNTc1NDQ4ZDBiNWI3MTMxMWEwHhcNMjEwMzI0
MDMwMDAwWhcNMjYwMzI0MDMwMDAwWjAzMTEwLwYDVQQDEyg5N2UzZGExOTRjZGIx
MGY0ZTk3MGQ2MzcyZTk2OWRmZWIwM2UyYjdjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA4/wcNzSxE9odcR3ysGQsz23O7luN+Nr3JHdlhPdx5veqvDXY
3LoTP2VzM+qMxJly04VWOOUJGsWgY4SNJhkJ8gCmO0ntAuOFZNFx1xd0HeBaO6eh
bGbaOc+N63sbADRbTGiCIkFJ2BOZe3wmW6/z4lrLrKtelrihfMMyyPgqbQfBLdWT
PLxle3VtdzgSxWZULQCyPFW/mOkZflhfKNg1dpVCcYWtKvoMNdTF4aXhcrqCtzZa
Y/AyPDTliLZ8wkJ6Walse/xF8izGaI3Xhp0W0Noj03t5NWgJjcKNYacilQzpxXee
eV6jF7wQR3RxCbf/1sL6dr0oqhOiqc3E8fu1PQIDAQABo4ICYTCCAl0wHQYDVR0O
BBYEFGN7T4gJ89r6f62in+vjxDI62RC7MB8GA1UdIwQYMBaAFEMsS32Wt0jEibRc
vY7wBmRXwHxmMA4GA1UdDwEB/wQEAwIHgDCBmgYIKwYBBQUHAQEEgY0wgYowgYcG
CCsGAQUFBzAChntyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5ldC9ycGtpL2xh
Y25pYy80OGYwODNiYi1mNjAzLTQ4OTMtOTk5MC0wMjg0YzA0Y2ViODUvOTAyN2Jl
YTQ5YTJkMjkyODM0NTUwYmY1NzU0NDhkMGI1YjcxMzExYS5jZXIwgZoGCCsGAQUF
BwELBIGNMIGKMIGHBggrBgEFBQcwC4Z7cnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25p
Yy5uZXQvcnBraS9sYWNuaWMvZjM2NTI5YTUtZWZkNy00ODE5LWFjODAtOWIxMDVk
ZGYzYjMyLzk3ZTNkYTE5NGNkYjEwZjRlOTcwZDYzNzJlOTY5ZGZlYjAzZTJiN2Mu
cm9hMIGPBgNVHR8EgYcwgYQwgYGgf6B9hntyc3luYzovL3JlcG9zaXRvcnkubGFj
bmljLm5ldC9ycGtpL2xhY25pYy9mMzY1MjlhNS1lZmQ3LTQ4MTktYWM4MC05YjEw
NWRkZjNiMzIvOTAyN2JlYTQ5YTJkMjkyODM0NTUwYmY1NzU0NDhkMGI1YjcxMzEx
YS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQW
MBQwEgQCAAEwDAMEAoo7qAMEAqrpsDANBgkqhkiG9w0BAQsFAAOCAQEAM0mxKzHr
WA8Cl1Z7bDuQjnE0stdH9nupWREnaURT571h8KToEXqvk9+p1kB5fG4UL8LbiTd4
216YQy2aTATozaUQMhifNyFcyGY400rdk/UFF1g4Oruq7poVlHQc7AP1FiShccvg
Dv1GmZ0RCGbmiGHDDz7gFOFUVApbWH+1bTT+7UoINeodPnlr0Mn1LzjZ8YFk2fE8
IA2QU9DqMcyp9rDk8oZYpTAWIreRoXfEwA1JguFgLpkuf16NUOwi6QlUW8x6KXh+
iRvBYRD9PDacBAPmKPSS4JCzEu3LpRw649gRhzr3g5MhWVSAI/GGIFnDMBbd2I6H
mX7PgUCIPRS+9g==
-----END CERTIFICATE-----
Generated at Thu Mar 28 10:47:19 2024 by rpki-client on console-ams.rpki-client.org